[PATCH] libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc: Avoid writing '\0' out of string's border
Chen Gang
gang.chen.5i5j@gmail.com
Mon Sep 1 08:52:00 GMT 2014
On 9/1/14 16:41, Jakub Jelinek wrote:
> On Thu, Aug 28, 2014 at 06:43:02AM +0800, Chen Gang wrote:
>> 'max_len' is the maximized length of 'name', so for writing '\0' to
>> "name[max_len]", it is out of string's border, need use "max_len - 1"
>> instead of.
>
> Depends on how the function's API is defined.
> And, at least in GCC sources that function seems to be completely unused,
> nothing calls it, so it is hard to guess what the API should be.
>
For me, if we are sure it is useless in future, we need remove it, now.
If we are sure it is useful in the future, we need improve it in time
(before it is used), it is not a good idea to let both caller and callee
notice about '\0':
- If caller has duty to notice about '\0', callee need not notice about
it: remove "name[max_len] = 0;"
- If callee has duty to notice about '\0', caller need not notice about
it: use "max_len - 1" instead of "max_len".
- For both cases, the related comments of declaration are redundancy,
need be removed (or improved).
And for safety (also easy understanding) reason, I prefer to remove it
firstly.
Thanks.
--
Chen Gang
Open, share, and attitude like air, water, and life which God blessed
More information about the Gcc-patches
mailing list